package cn.portx.frame;

import java.util.ArrayList;
import java.util.Date;
import java.util.List;

import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;

import com.bstek.bdf3.jpa.JpaUtil;
import com.bstek.bdf3.saas.Constants;
import com.bstek.bdf3.saas.domain.Organization;
import com.bstek.bdf3.security.ContextUtils;
import com.bstek.bdf3.security.orm.OrganizationSupport;

import cn.portx.frame.entity.Notice;
import cn.portx.frame.entity.UserEntity;

@RestController("cn.portx.NoticeController")
public class NoticeController {

	@Autowired
	private NoticePR noticePR;

	@Autowired
	protected PasswordEncoder passwordEncoder;

	@RequestMapping(value = "/send-notice")
	@ResponseBody
	public String sendNotice(@RequestParam String content, @RequestHeader(value = "username", required = false) String username,
			@RequestHeader(value = "password", required = false) String password) {
		String error = null;
		if (StringUtils.isEmpty(username)) {
			Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
			if (authentication == null) {
				error = "必须提供用户名密码！";
			} else {
				if (authentication instanceof AnonymousAuthenticationToken) {
					error = "必须提供用户名密码！";
				} else {
					OrganizationSupport os = (OrganizationSupport) authentication.getPrincipal();
					if (!Constants.MASTER.equals(((Organization) os.getOrganization()).getId())) {
						error = "您无权进行该操作！";
					}
				}
			}
		}
		if (error == null) {
			List<UserEntity> ueList = JpaUtil.linq(UserEntity.class).idEqual(username).equal("password", this.passwordEncoder.encode(password)).list();
			if (ueList.isEmpty()) {
				error = "用户名或密码错误！";
			} else {
				UserEntity ue = ueList.get(0);
				if (!Constants.MASTER.equals(ue.getOrgId())) {
					error = "您无权进行该操作！";
				}
			}
		}
		if (error == null) {
			Notice notice = new Notice();
			notice.setSender(ContextUtils.getLoginUsername());
			notice.setCreateDate(new Date());
			notice.setCreateUser(ContextUtils.getLoginUsername());
			notice.setContent(content);
			notice.setIsAll(true);
			try {
				this.noticePR.remoteSaveNotice(notice);
			} catch (Exception e) {
				e.printStackTrace();
				error = e.getMessage();
			}
		}
		return error;
	}
}
